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Labeled transition systems are typically used to represent the behavior of nondeterministic processes, 
with labeled transitions defining a one-step state-to-state reachability relation. This model has been 
recently made more general by modifying the transition relation in such a way that it associates with 
any source state and transition label a reachability distribution, i.e., a function mapping each possible 
target state to a value of some domain that expresses the degree of one-step reachability of that target 
state. In this extended abstract, we show how the resulting model, called ULTRAS from Uniform 
Labeled TRAnsition System, can be naturally used to give semantics to a fully nondeterministic, a 
fully probabilistic, and a fully stochastic variant of a CSP-like process language. 

1 Introduction 

Process algebras are one of the most successful formalisms for modeling concurrent systems and proving 
their properties such as correctness, liveness or safety. After their initial success in this respect, they have 
also been extended to deal with properties related to performance and quality of service. Thus, process 
algebras have been enriched with quantitative notions of time and probabilities and integrated theories 
have been considered; for a comprehensive description of this approach, the reader is referred to [T]. 
Moreover, due to the growing interest in the analysis of shared-resource systems, stochastic variants of 
process algebras have also been proposed. The main aim being the integration of qualitative descriptions 
with those relative to performance in a single mathematical framework by building on th ecombination 
of labeled transition systems (LTS) and continuous-time Markov chains (CTMC). 

In 191, two of the authors of the present paper, together with D. Latella and M. Massink, proposed 
a variant of LTS, namely rate transition systems (RTS), as a tool for providing semantics to some of 
the most representative stochastic process languages. Within LTS, the transition relation describes the 
evolution of a system from one state to another as determined by the execution of specific actions, thus it 
is a set of triples {state, action, state). In contrast, within RTS the transition relation ^ associates with 
a given state P and a given transition label (action) a a function, say mapping each term into a non- 
negative real number The transition P ^ 3^ has the following meaning: if ^(2) = v with v 7^ 0, then 
Q is reachable from P by executing a, the duration of such an execution being exponentially distributed 
with rate v; if 0^{Q) = 0, then Q is not reachable from P via a. 

RTSs have been used for providing a uniform semantic framework for modeling many of the different 
stochastic process languages, facilitating reasoning about them, and throwing light on their similarities 
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as well as on their differences. In |[8l, we considered a limited, but representative, number of stochastic 
process calculi and provided the RTS semantics for (fully) stochastic process languages both based on 
the CSP-like, multipart interaction paradigm and on the CCS -like, two- ways interaction paradigm. Then, 
in ifTOl . RTSs were extended by requiring that the domain of ^ be a generic semiring and other variants 
of stochastic process algebras are studied, in particular it is shown that also languages, like IML |[T3]| . 
that mix stochasticity and nondeterminism can be easily modeled. 

In m, we performed a further step in the direction of providing a uniform characterization of the 
semantics of different process calculi and introduced a more general framework than RTS, which could 
be instantiated to model not only stochastic process algebras but also classical process algebras, usually 
modelled via LTS, and other quantitative variants of process algebras that would consider time, probabili- 
ties, resources, etc.; we thus introduced ULTRAS {Uniform Labeled TRAnsition Systems). The transition 
relation of ULTRAS associates with a state and a given transition label a function mapping each state 
into an element of a generic domain D. An ULTRAS transition {s,a, is written s — > ^, with ^{s') 
being a D-value quantifying the degree of reachability of s' from s via the execution of a and ^^{s') = _L 
meaning that s' is not reachable from s via a. By appropriately changing the domain D, different models 
of concurrent systems can be captured. For example, if D is the set IB consisting of the two Boolean val- 
ues true and false we can capture classical LTSs, while if D is the set Mjo j] we do capture probabilistic 
models, and when D is the set M>o we do capture stochastically timed models. 

Of course, modeling state transitions and their annotations is one of the key ingredients; however, one 
has also to combine single transitions to obtain computations and find out ways for determining when two 
states give rise to "equivalent" computation trees. To this aim, in lH we introduced the notions of trace 
equivalence and bisimulation equivalence over ULTRAS. An important component of the equivalences 
definition is a measure function ^m{s, (X,S') that computes the degree of multi-step reachability of a set 
of target states 5" from a source state s when performing computations labeled with trace a. For instance, 
to capture classical equivalences over nondeterministic systems, the measure yields T if there exists a 
computation from s to S' labeled with a and ± otherwise. As another example, to capture probabilistic 
equivalences, the measure yields a value in M[o,i] that represents the probability of the set of computations 
labeled with a to reach a state in S' from s. 

In this note, we put ULTRAS at work and use them to provide a uniform semantical description for 
a few (qualitative and quantitative) variants of a very simple process algebra. For the sake of simplicity, 
we limit our attention to a purely nondeterministic, a fully probabilistic, and a fully stochastic calculus, 
without allowing any interplay between nondeterminism and quantitative aspects. In our view, the three 
(very compact) resulting sets of operational rules give evidence of the expressive power of our approach 
and help in appreciating similarities and differences among the three variants of the considered process 
algebra. 

The rest of the paper is organized as follows. In Sect. |2j we recap the basic notions of ULTRAS 
introduced in fT] and define three different types of behavioral equivalences over them. To the definition 
of trace and bisimulation equivalences already present in [4], we add the definition of testing equivalence 
together with the set up of the necessary testing framework that we have introduced in [5 |. In Sect.|3l we 
show how ULTraS can be used to provide the operational semantics of classical CSP [6] and of two of 
its probabilistic |[T7l l2]| and stochastic fSM variants. Finally, Sect.|4]reports on some future work. 
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2 Uniform Labeled Transition Systems 

The behavior of sequential, concurrent, and distributed processes can be described by means of the 
so called labeled transition system (LTS) model |[T6l . It consists of a set of states, a set of transition 
labels, and a transition relation. States correspond to the operational modes that processes can pass 
through. Labels describe the activities that processes can perform internally or use to interact with the 
environment. The transition relation defines process evolution as determined by the execution of specific 
activities and is formalized as a state-to-state reachability relation. 

In this section, we recall from ||41 a generalization of the LTS model that aims at providing a uniform 
framework that can be employed for defining and comparing the behavior of different types of process. 
In the new model, named ULTRAS from Uniform Labeled TRAnsition System, the transition relation 
associates with any source state and transition label a function mapping each possible target state to an 
element of a domain D. In other words, the state-to-state reachability relation typical of the LTS model 
is replaced by a state-to-state-distribution reachability relation. This is a consequence of the fact that 
the concept of next state is generalized via a function that represents a one-step reachability distribution, 
which expresses the degree of reachability from the current state of every possible next state. 

As shown in m, by appropriately changing the domain D we can capture different process models, 
in particular quantitative ones like Markov chains 1181 . For example: 

• If D is the support set IB = {±, T} of the Boolean algebra with the standard conjunction (A) and 
disjunction (V) operators, then we capture classical LTS models. 

• If D = , then we capture fully probabilistic models in the form of action-labeled discrete-time 
Markov chains (ADTMC). 

• If D = M>o, then we capture fully stochastic models in the form of action-labeled continuous-time 
Markov chains (ACTMC). 

2.1 Definition of the Uniform Process Model 

The definition of our uniform model is parameterized with respect to a complete partial order (D, C) 
whose elements express the degree of one-step reachability of a state. In the following, we denote by _L 
the C-least element of D and by [S — )■ D] the set of functions from a set S to D, which is ranged over 
by 

Definition 2.1 Let (D, C) be a complete partial order. A uniform labeled transition system on (D, C), or 
D-ULTraS for short, is a triple = {S,A, — >) where: 

• 5 is an at most countable set of states. 

• A is a countable set of transition-labeling actions. 

• — > C 5 X A X [5 — )■ D] is a transition relation. 

We say that the Z)-ULTraS ^ is functional iff — > is a function from 5 x A to [5 D]. H 

Every transition {s,a,!^) is written s-^Qi, with Q{s') being a D- value quantifying the degree of 
reachability of s' from s via the execution of a and 3){s') = _L meaning that s' is not reachable from s 
via a. When considering a functional ULTRAS, we will often write &s,a{s') to denote the same £)-value. 
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2.2 Behavioral Equivalences for the ULTRAS Model 

LTS-based models come equipped with equivalences through which it is possible to compare processes 
on the basis of their behavior and reduce the state space of a process before analyzing its properties. 
These behavioral equivalences result in a linear-time/branching-time spectrum fTl] [T5j [3l [1 1 including 
several variants of three major approaches: bisimulation [ 12] . trace [6|, and testing 171. We now recall 
how bisimulation, trace, and testing equivalences can be uniformly defined over the ULTRAS model. 
Their definition is parameterized with respect to a measure function that expresses the degree of multi- 
step reachability of a set of states. Similar to the one-step reachability encoded within an ULTRAS, in 
which we consider individual actions, multi-step reachability relies on sequences of actions commonly 
called traces, which are the observable effects of the computations performed by an ULTRAS . 

Definition 2.2 Let A be a countable set of transition-labeling actions. A trace a is an element of A*, 
where a = e denotes the empty trace. ■ 

Definition 2.3 Let ^ = {S,A, — >) be a D-ULTraS and (M, ©, (g)) be a lattice. An M-measure function 
for ^ is a function ■.SxA*x2^^M. ■ 

Note that different measure functions can induce different variants of a behavioral equivalence on 
the same D-ULTraS depending on the support set and the operations of (M, ©, (S)). Although D and M 
may be the same support set, this is not necessarily the case: while D-values are related to one-step 
reachability, M-values - especially those of the form ^m{s,oc,S') - are computed on the basis of 
Z)- values to quantify multi-step reachability. 

2.2.1 Trace Equivalence 

Trace equivalence is straightforward: two states are trace equivalent if every trace has the same measure 
with respect to the entire set of states when starting from those two states. 

Definition 2.4 Let = {S,A, — y) be a D-ULTraS and be an M-measure function for ^. 
We say that si,S2 G 5 are ^M-trace equivalent, written ~Tr,.^Af ^2, iff for all traces a G A*: 

2.2.2 Bisimulation Equivalence 

While trace equivalence simply compares any two states without taking into account the states reached 
at the end of the trace, bisimulation equivalence also poses constraints on the reached states. 

Definition 2.5 Let ^ = (5, A, — >) be a D-ULTraS and be an M-measure function for ^ . An 
equivalence relation over S is an ^^-bisimulation iff, whenever {s\,S2) G then for all traces 
a G A* and equivalence classes C ^Sj 

^m{si,C)C,C) = ^m{s2,CC,C) 
We say that si,S2 € S are ^^-bisimilar, written si '^b,.^m ^2, iff there exists an ^^-bisimulation ^ 
over S such that {si , S2) G H 

2.2.3 Testing Equivalence 

The definition of testing equivalence requires the formalization of the notion of test and the consideration 
of configurations rather than simple states. A test specifies which actions of a process are permitted at 
each step and can be expressed as some suitable ULTRAS that includes a success state, which is used to 
determine which ones are the successful computations. 
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Definition 2.6 Let (D, C) be a complete partial order. A D-observation system is a D-ULTraS 
^ = {0,A, — >) where O contains a distinguished success state denoted by (O such that, whenever 
(0 then ^(o) = _L for all o ^ O. We say that a computation of is successful iff its length 

is finite and its last state is ft). ■ 

A D-ULTraS can be tested only through a D-observation system by running them in parallel and 
enforcing synchronization on any action. The states of the resulting D-ULTraS are called configurations 
and are pairs each formed by a state of the D-ULTraS under test and a state of the D-observation system. 
A configuration can evolve to a new configuration only through the synchronization of two transitions 
- leaving the two states constituting the configuration - that are labeled with the same action and reach 
at least one state, i.e., two identically labeled transitions whose target functions are not identically equal 
to _L. 

For each such pair of synchronizing transitions, the target function of the resulting transition is ob- 
tained from the two original target functions by means of some D- valued function 5, which computes the 
degree of one-step reachability of every possible target configuration. Since _L represents unreachability, 
the only constraint on 5 is that it is _L -preserving, i.e., that it yields _L iff at least one of its arguments is _L. 
As a consequence of this constraint, in the case of nondeterministic processes 5 boils down to logical 
conjunction, whereas several alternative options are available in the case of probabilistic and stochastic 
processes. 

Definition 2.7 Let ^ = (5,A, — )-^) be a D-ULTraS, 0" = (6>,A, — )-ff) be a D-observation system, 
and 5 be a _L -preserving D- valued function. The interaction system of ^ and ^ with respect to 5 is the 
D-ULTraS = {Sx 0,A, — >) where: 

• Every element {s,o) £ S x O is called a configuration and is said to be successful iff o = (0. 
We denote by the set of successful configurations of J^{^ 

• The transition relation — > C (5 x O) x A x [(5 x O) ^ D] is such that (s,o)-^Q iff 
s-^a/^Qi\ and o-^ff&2 with &{s' ,o') being obtained from ^^\{s') and ^2(0') by applying 5. 
We say that a computation of J^^{'W , G) is successful iff its length is finite and its last configura- 
tion is successful. ■ 

Definition 2.8 Let ^ = (5, A, — be a D-ULTraS, J^m be an M-measure function for 5 be a 
_L -preserving D-valued function, and ^ = {0,A, — >0-) be a D-observation system. The extension of 
to J^^('^, ^) is the function ^^'^ : {S x O) x A* xl^"^^ ^ M whose definition is obtained from 
that of by replacing states and transitions of ^ with configurations and transitions of J^^('^, ^). ■ 

Definition 2.9 Let = (5, A, — >i^/) be a D-ULTraS, be an M-measure function for ^ , and 5 be 
a _L -preserving D-valued function. We say that s\,S2£S are ^^-testing equivalent, written ~.p ^5 S2, 
iff for all D-observation systems = (0,A, — with initial state o G O and for all traces a G A*: 

3 ULTRAS in Use: Three Experiments with CSP 

In this section, we show that the ULTraS formalism can be used for providing operational models of 
different kinds of process algebra. In particular, we will see how operational semantics of the language 
of Communicating Sequential Processes (CSP) m and two of its variants, which respectively extend 
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the calculus with probabiUstic binary operators and exponentially timed actions, can be easily described 
within the ULTRAS model by appropriately instantiating the domain D. 

First, we introduce the syntax of the nondeterministic language and its operational semantics in terms 
of ULTraS. For the sake of simplicity, we only consider a kernel of CSP and omit some operators, like 
hiding and renaming, because their treatment would add very little to the message we wish to convey. 
Then, we focus on the probabilistic and stochastic variants of the kernel of CSP by exhibiting a suitable 
ULTRAS-based operational semantics for each of them. 



3.1 1-ULTraS Semantics for a Kernel of CSP 

In CSP, systems are described as interactions of components that may engage in activities. Components 
reflect the behavior of the important parts of a system, while activities capture the actions that the compo- 
nents perform. The choice among the activities that are enabled in each system state is nondeterministic. 

Let A be a countable set of activities. We denote by Pcsp the set of process terms defined according 
to the following grammar: 



P ::= a.P\P + P\P\\LP\B 



where a € A, L C A, and B is a behavioral constant defined by an appropriate equation of the form A = P 
for some process term P in which constants occur only guarded in P, i.e., inside the scope of an action 
prefix. Component a.P models a process that performs activity a and then behaves like P. Component 
Pi +P2 models a process that may behave either as Pi or as P2. The operator Pi WlPi models instead 
the parallel execution of Pi and P2, which synchronize (or cooperate) on every activity in L and proceed 
independently on every activity not in L. The behavior of constant B is the same as that of the process 
term P on the right-hand side of its defining equation. 

The semantics for the considered kernel of CSP can be described in terms of the following functional 
B-ULTraS: 

(Pcsp,A,^) 

whose transition relation — > is defined in Table [T] Given a transition P — > ^, intuitively we have that 
^(2) = T means that Q is reachable from P via an a-transition, while ^(2) = -L means that it is not 
possible to reach Q from P by executing a. 

Rule Act states that a.P evolves via a to [P T], with the latter being the function associating 
T with P and _L with all the other process terms. On the contrary, 0-ACT establishes that no state is 
reachable from a.P by performing any action b ^ a. This is formalized by letting a.P evolve via b ^ a 
to [], the function associating _L with each process term. Rule Sum describes nondeterministic choice: 
the states reachable from Pi +P2 via a are all those that can be reached either by Pi or by P2. Indeed, 
&i V &2 denotes the function & such that Si{Q) = S!\ [Q) V ^2(6) for all process terms Q. 

Rules Coop and Int govern parallel composition. Rule CoOP is used for computing the next-state 
function when a synchronization between Pi and P2 occurs. Whenever Pi — '2l\ and P2 — > ^2 with 
a € L, then Pi ||tP2 evolves via a to ^1 ||l^2, where (^1 \\l^2){Q) is ^i(ei) A ^2(62) if 2 = Gi \\lQi 
and _L otherwise. Rule iNT deals with a ^ L. In that case, if Pi ^1 and P2 ^ ^2, then Pi ||tP2 
evolves via a to (i^i WlPi) V (Pi WlS^i), where ^1 WlPi (resp. Pi \\i QJ-i) denotes the function QJ such that 
'2s{Q) is ^1 (P;) (resp. ^2(^2)) if 2 = P[ W^i (resp. Q = P\ ||lP^) and _L otherwise. 
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b^a ^ B = P P^& 
2 Act 7 — 0-AcT Call 

Sum 



Coop 



Pi^&i P2^&2 alL 

2 iNT 

Pi||lP2^(^i||lP2)V(Pi||l^2) 



Table 1: ULTRAS -based operational semantic rules for CSP 



3.2 M[o i] -ULTRAS Semantics for PCSP 

We now consider a probabilistic variant of CSP that we call PCSP. While in CSP the next action to 
execute is selected nondeterministically, in PCSP it is selected according to some discrete probability 
distribution that can be different from state to state. Taking inspiration from ifTTl 121, the probabilistic 
calculus PCSP is obtained from CSP by decorating the alternative and parallel composition operators 
with a probability value p G Mp^ij. 

We denote by Fpcsp the set of process terms defined according to the following grammar: 



P ::= a.P\P+pP\P\\L''P\B 

Component Pi +p P2 models a process that, after performing an action, behaves as the continuation of Pi 
with probability p or the continuation of P2 with probability I— p. Similarly, in Pi P2 the value p is 
used to regulate the interleaving of Pi and P2. 

The semantics for PCSP can be described in terms of the following functional M[oj] -ULTRAS: 

(Ppcsp,A,^) 

whose transition relation — > is defined in Tabled Given a transition P — > S^, intuitively we have that 
Si{Q) > means that Q is reachable from P via an a-transition with probability &{Q), while &{Q) = 
means that it is not possible to reach Q from P by executing a. Note that S^iQ) G {0, 1}. 

The first three rules are identical to the first three rules of Table [H with the difference that [P 1— 1] 
denotes the function associating 1 with P and with all the other process terms, while [] denotes the 
function associating with each process term. Rule SUM relies on the following notation: 

• ^1 + ^2 denotes the function & such that &{Q) = Qi\ {Q) + ^2(2) for all process terms Q. 

• yS) denotes the function Ss' such that = ^ • Si'{Q) if y 7^ and otherwise. 

This rule asserts that the states reachable from Pi +p P2 via a are obtained by aggregating according to p 
the probability distributions associated with Pi and P2 after a. When both Pi and P2 can perform a, i.e.. 
Pi ^1 and P2-^ ^2 with % and ^2 both different from [], then ©^1 = ©^2 = 1 and hence the 



M. Bernardo, R. De Nicola & M. Loreti 



73 



b^a ^ B = P P^3! 
Act 7 — 0-AcT Call 

^ Coop 



'^2 a^L 



p-®9\ 

P-e®i+{i-p)-i 



(^i||l/'2) + 



(l-p)-®^2 

P©s?i+(i-p)-e^2 



(AIIl^i) 



iNT 



Table 2: ULTRAS-based operational semantic rules for PCSP 



aggregate probability distribution reduces to p ■ ^ ( \ — p) ■ ^2- In contrast, when Q\ (resp. ^2) is 
equal to [], then ©i^i = (resp. ©^2 =0) and hence the aggregate probability distribution reduces to 
^2 (resp. 

Rules Coop and Int govern parallel composition. They are similar to the two corresponding rules 
of Table [U with the differences that (i) in the synchronization case {Q\ ||l ^2)(G) is ^1 • ^2(62) if 
Q = Q\\iF Qi and otherwise, while (ii) in the interleaving case a SUM-like aggregation based on p of 
the probability distributions associated with Pi and P2 after a comes into play. 



3.3 M>o-ULTraS Semantics for PEPA 

Building on |9, 8|, we finally consider a stochastically timed variant of CSP called Performance Evalu- 
ation Process Algebra (PEPA) 1 14|. In this calculus, every action is equipped with a rate A € M>o that 
uniquely characterizes the exponentially distributed random variable quantifying the duration of the ac- 
tion itself (the expected duration is 1/A). The choice among the actions that are enabled in each state is 
governed by the race policy: the action to execute is the one that samples the least duration. Therefore, 
(i) the sojourn time in each state is exponentially distributed with rate given by the sum of the rates of 
the transitions departing from that state, (ii) the execution probability of each transition is proportional 
to its rate, and (iii) the alternative and parallel composition operators are implicitly probabilistic. 
We denote by Ppepa the set of process terms defined according to the following grammar: 

P ■:.= {a,X).P\P^P\P\LP\B 

Component {a,X).P models a process that can perform action a at rate A and then behaves like P. 
The semantics for PEPA can be described in terms of the following functional M>o-ULTraS: 

(PpEPA,A,^) 

whose transition relation — > is defined in Table [3l Given a transition P — > intuitively we have that 
^{Q) > means that Q is reachable from P via an a-transition at rate &{Q), while &{Q) = means 
that it is not possible to reach Q from P by executing a. 

The rules of Table [3] are similar to those of Tabled with the differences that (i) [P 1— )■ A] denotes the 
function associating A with P and with all the other process terms, (ii) no normalization is needed in 
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aj^b B = P P^9 

Act 7 — 0-AcT Call 

{a,X).P^{P^X\ (a,A).P^[] 

Sum 

A ^ ^1 P2^&i aeL 



Pi^^i Pi^^i a^L 
Pi\\lP2^{^i\\lP2) + {Pi\\l^2) 



Coop 



iNT 



Table 3: ULTRAS-based operational semantic rules for PEPA 



rules Sum and Int because transition rates simply sum up due to the race policy, and (iii) the multiplica- 
tive factor in rule CoOP is specific to the PEPA cooperation discipUne based on the slowest component. 

4 Conclusions and Future Work 

After recalling the ULTRAS model from plIS*], in this paper we have extended the scope of the work 
done in 19] m [TOl by exhibiting the ULTRAS-based operational semantic rules for CSP and two of 
its probabilistic and stochastically timed variants. These three experiments seem to indicate that the 
ULTraS model naturally lends itself to be used as a compact and uniform semantic framework for 
different classes of process calculi. 

With respect to future work, we plan to continue our experiments by using the ULTraS model for 
describing the operational semantics of other process description languages of nondeterministic, prob- 
abilistic, or stochastic nature, as well as process calculi combining nondeterminism and probability or 
stochasticity. This should help to assess the relative expressiveness of their operators and establish gen- 
eral properties for the various languages. Moreover, the uniform characterization of the equivalences 
might help in evaluating and discerning among the many relations proposed in the literature. It would 
be, indeed, interesting to determine which of the existing relations can be obtained as instances of the 
general framework. 

This study may also lead to the definition of a uniform process calculus with an ULTRAS-based 
operational semantics and the development of uniform axiomatizations of bisimulation, trace, and testing 
equivalences. From this calculus, it should be possible to retrieve the originally proposed calculi by 
varying the target domain and the behavioral operators. We shall also consider further options related to 
quantitative aspects like including quantities within actions {integrated quantity approach) or attaching 
them to traditional operators or providing specific operators for them {orthogonal quantity approach). 

Finally, it would be interesting to see whether is is possible to build generic tools for supporting 
verifications that are based on the uniform model and have only to be instantiated to deal with the specific 
calcuU. 
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